SNCF — Securing Networks with Firepower — Question 156

An engineer is creating an URL object on Cisco FMC. How must it be configured so that the object will match for HTTPS traffic in an access control policy?

Answer options

• A. Specify the protocol to match (HTTP or HTTPS).
• B. Use the FQDN including the subdomain for the website.
• C. Use the subject common name from the website certificate.
• D. Define the path to the individual webpage that uses HTTPS.

Correct answer: C

Explanation

The correct answer is C because the subject common name from the website's certificate is necessary to accurately match HTTPS traffic. Option A is incorrect as simply specifying the protocol does not ensure a match. Option B is not sufficient since the FQDN alone does not guarantee traffic identification. Option D is irrelevant as the path is not needed for matching the overall HTTPS traffic.